On Mon Apr 3 14:48:25 2006, Rodney Dawes wrote:
> 2. do you think we should fix it?
I don't think we should rely on the +x bit. The point of the +x
bit, is
that you can run the thing, from anywhere. Just setting it +x won't
let
you run it from the shell. You'd have to change the spec to specify
an
implementation to be an interpreter that works on the console, and
that
the first line of .desktop files be #!/path/to/interpreter, which
may
differ between systems. This would be quite bad and annoying, for
the
user to deal with.
"[...] an interpreter that works on the console" seems to be
overstating the problem, at least by implication. Saying that
.desktop files MUST begin with the line "#!/bin/false" works just
fine - they're not designed to run except from within a specific
environment anyway.
However, what I /do/ think we should do, is to fix the spec, and the
implementations, to more clearly define and interpret the Exec
field.
The problem raelly is that it's fairly arbitrary in what it allows.
Clarifying that to be more specific, to disallow language
interpretation
from the .desktop file, would help a lot more than just +x, I think.
Yes, this needs to happen too. That's "as well", and not "instead".
As a first step, it'd be very interesting to know what the Exec field
does actually get used for in legitimate .desktop files.
You could easily default a download to +x, simply by putting it
within
an archive which does preserve permission bits. The attacker could
quite
easily put the .desktop file in a .tar, and when the user downloads
it,
and opens it, they see a file in the archive utility, and then run
it,
and since it has the +x already, we would just run it. It doesn't
seem
like that is much of a solution to me. :)
This is true, but there's a secondary benefit to the +x hiding away
here - it's easy for a file manager, archiver, etc to display all +x
files with an emblem of some kind, and many have done so for years.
Sure, there's always a way around any hoop we put up for people to
jump through, and the only safe choice would be to destroy the
internet, and unplug your computer (from ethernet, modem, and power).
Dave.
--
You see things; and you say "Why?"
But I dream things that never were; and I say "Why not?"
- George Bernard Shaw
_______________________________________________
xdg mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/xdg
